eBlocker Offers a Hardware Solution to the Online Privacy Problem

Many of us have ad-blocking scripts installed on our web browsers to protect our, but that is truly enough?

If you want to go for a suspenders-and-belt approach, you might consider the eBlocker Pro. On display in the Sands Expo this week at CES 2016, this $99 device is a network appliance that promises to give an added level of security.

Simply plug it in, and it will stop all tracking scripts, blocks ads and lets you surf truly anonymously. It will hide your IP address, and it will also give any device on that network the same cloaking ability. It also prevents data collection from third parties without your permission, giving you control of your online identity.

“The internet has evolved into mass surveillance, and most people have no idea how much data is collected without their knowledge and then used against them,” said Christian Bennefeld, founder, eBlocker. “User profiles employed by third parties can result in you paying more for goods, flights, hotels and can even influence insurance rates and home loans. We strongly believe that a user should know who is collecting this data, and be able to stop it if they desire.”

The hardware is being shown off this week in Las Vegas, and it will be available through a Kickstarter campaign on 20 January (the company had previously run a successful Indiegogo campaign).

$99 will get you an eBlocker Pro, while the eBlocker Family costs $124. Both come with a year of updates, but if you want a lifetime updates then you will have to pony up $299.

That is a high price to pay for privacy, compared to the free web browser extensions; do you think it is worth it?

Like this:

Check These Out!

Nate Hoffelder is the founder and editor of The Digital Reader:"I've been into reading ebooks since forever, but I only got my first ereader in July 2007. Everything quickly spiraled out of control from there. Before I started this blog in January 2010 I covered ebooks, ebook readers, and digital publishing for about 2 years as a part of MobileRead Forums. It's a great community, and being a member is a joy. But I thought I could make something out of how I covered the news for MobileRead, so I started this blog."

14 Comments on eBlocker Offers a Hardware Solution to the Online Privacy Problem

I use a VPN. It’s one of the best things you can do to protect your privacy. It hides your ip address, it’s secure to use in public wifi, mine blocks all trackers and protects me from harmful sites. It comes at a price though. It costs money and your speed suffers, but to me that’s not a problem. Furthermore, choose a safe browser like Firefox or TorBrowser, use encryption wherever you can, don’t use apps that track your soul if you can avoid them. Use Signal instead of WhatsApp etcetera. And off course there are numerous websites with tips how to protect yourself.

I see the benefit of eBlocker. It’s simple and it offers security for all devices in your home at once. But when using a laptop in a lot of different locations I would stick with my own setup. If you trust only on eBlocker you would be unprotected when on the road.

Call me a privacy nut, but I don’t think there is enough that can be done in today’s environment to insure one’s privacy. I recently signed on to Private Internet Access (https://www.privateinternetaccess.com/) to get VPN access for my computers. I also use Disconnect.me (https://disconnect.me/) and I avoid, as much as possible, places like Facebook. I also use Sandboxie (http://sandboxie.com/) with a lifetime license. If this device works as promised, I’d consider adding it with lifetime updates. It is probably overkill by a lot for me, but with everything that I do these days online, including financial transactions, and having got hit twice by ransomware thanks to clients, I am willing to overdo protection and privacy.

I have smartphone that is used just to send text messages and make telephone calls. No email or Internet access is done with the device. And when I get a spam telephone call, I add the number to my contact list under the title SPAM and have those numbers sent directly to voicemail. That has cut the number of spam phone calls by at least 80%. I don’t know that any of these numbers have removed me from their call lists, but where some of them would call several times a week, they no longer call at all — or if they do call, I am wholly unaware of it, which is just as good.

At my age, privacy is both a necessary and a wonderful thing. Remember that as we age we become more vulnerable to being scammed. These privacy devices stop scammers before they can scam me or steal my personal information.

Good lord. I’d need a book to talk about all the problems with this product. I mean, I just finished the first draft of that very book, but right now that doesn’t help. And I hadn’t even heard of a device containing so many bad ideas at once.

The Tor router is probably the most disturbing (and irresponsible/incompetent…pick at least one) aspect. The ad blocking is http-only, meaning it doesn’t work over encrypted (https) connections, which is kind of shoveling against the tide. (Supporting this over https would mean either functioning as a man-in-the-middle attack vs. the device’s customers, or blocking entire domains–I’m not aware of a reasonable third choice.)

The rest seems to be more hype than substance. I don’t even want to think about what they claim “anonymized” means, either with regard to Tor traffic or the data this device collects.

No. It’s not worth it. Given that Tor exit relays are very dangerous places to send people, and a malicious actor can automate their creation rather easily, sending unsuspecting and uneducated people’s traffic to/through the Tor network without using the Tor browser is a horrible thing to do. Especially to people who are paying you money. It’s worse if they believe you’re helping them, and have a -reason- to need anonymity. The only way the Tor network can help, at all, in this scenario is to obscure an IP address. That’s not exactly strong anonymity.

Damnit, I just wrote that book. And I said good things about your blog in it too, Nate, by the way. I wish I could point to the thing and say “go read it,” but that’s still a few weeks away. :-/

Hello David, Thanks for your “book” of feedback. It seems there are quite some misunderstandings I’d like to clarify.

1. Tor is just an option to anonymize your IP when accessing sensitive content. We are currently implementing commercial VPN support so you have the choice of what service to use.

2. Ad-blocker and tracker-blocker are also HTTPs. This is done by terminating the SSL connection in the eBlocker and opening a new SSL connection to the client. This is not “man in the middle” as YOU are the man – and the middle is YOUR home. The eBlocker is as much under YOUR control as your client is. We have no access and the eBlocker does not log any data.

3. “anonymized” means that 1. No third parties are tracking you. 2. You can hide your IP of the first party 3. Your device info can be cloaked as well.

As we want to improve, we’d love to hear from you as an expert what other concerns you have.

1. Doesn’t change the claims on your site and elsewhere. 2. That’s -exactly- what a man in the middle attack is. 3. (1) You don’t have any way to know that, and the claim is therefore ridiculous, (2) If I understood this correctly, it may or may not be true, depending on other factors determined by the user’s choice of software and websites to visit, and you’re just sort of hoping here, and (3) cloaked how, precisely? You’re claiming you’ve perfected a defense against, say, browser fingerprinting? If so, which I strongly doubt, have you done so in such a way that it doesn’t look at all unique or uncommon, thus making it actually more of a problem than a solution? Neat trick.

Also, here’s a question for you: how are you going to update this device when, say, Tor gets updated? Since you don’t have access? Even though its developers release updates rather often? As I see it, either (a) you aren’t going to update this system, (b) you’re going to expect your users to get into the guts of the system and do it themselves without help, or (c) you’ll provide them with some sort of auto-update. Which means you’ll have full access.

I’ll just point out that (a) and (b) are going to seem less than useful to almost anybody, and (c) means you’ll be able to run arbitrary code on their devices. Devices which are intercepting and decrypting all their “private” browsing via your built-in man-in-the-middle attack. When your system itself gets hacked, or you do something–anything–that users don’t like, what recourse do they have?

What about those open source lists your device uses? Are they updated? Via what mechanism? How secure is this update process? Who’s performed an audit, and where are the results?

Tell you what. I’ll just stop here. Go read my book, folks, if you want more. It’ll be out in a few weeks.

I think you, Christian, are very likely fully cognizant of all this already. Or you wouldn’t claim statements of fact are misunderstandings, and then attempt to replace them with your spin. Some of which is contradicted by your own website.

How about UDP traffic, Christian? It doesn’t work at all over Tor, which means a lot of voice/video stuff won’t work over Tor either. Will your device block that entirely, or just let it through…thus bypassing Tor entirely? Too bad you told them their IP addresses would be hidden, huh? When it wasn’t even vaguely true.

And about that Tor thing…what if your users use VPNs already, which they have set up to run via software on their computers? Are those VPNs set up over UDP, as most seem to be, and thus either being blocked or bypassing your Tor router? So those people can’t actually be using Tor, can they?

Or are these VPNs set up via TCP, and therefore almost certainly (even if they’ll work, with the bandwidth throttling this implies) therefore use Tor -only- for the connection to the VPN server? Which they’re probably paying for with a credit card in their own name, in which situation I have to say your device is providing no value whatsoever.

In either case…are you warning people not to use a VPN with your device, unless the VPN is set up via an upstream router? Are you warning people that BitTorrent and Tor do not play well together? Are you warning people that these devices are not open source, have not been audited (at least as far as I can see), and will have access to all of their so-called “secure” communications?

Did you warn anyone about Tor exit relays, and how easy they are to set up, and malicious monitoring of web traffic from there? Did you tell people it’s at least a little bit dangerous to browse the web that way without protections in place?

I’m downloaded the eBlocker software and installed it in my Rasby. So far it does exactly what it claims. Pages load faster, are pretty ad-free and number of blocked trackers is shown. I can’t say if that is enough?! Tor is as easy as described. Just tried from my xBox with torcheck = all good. i don’t understand the cloaking feature and have not used it. Overall I am quite happy for what eBlocker does to me.

I believe anyone with moderate to good understanding of browser privacy would likely opt to install a software plugin to protect each device. However, anyone is not everyone. I mean there are probably lots more people using the internet without actually a) knowing about the dangers of profiling and privacy compromise and b) having an intuitive and instant way to opt for network protection. eBlocker seems like a device predestined for use by less technical savvy (and I know LOTS of them) or those who recognize the benefit the eBlocker gives to a network, as it protects wireless devices as well as mobile devices (via VPN) even when out and about. I quite like that actually.

My brother ordered eBlocker (first version) back in October 2015 via Indiegogo and is happy with it – he says it does exactly what it should and the team of programmers is quick to answer questions. Now I myself am by no means an expert in cyber privacy, but I know enough about the industry to be more willing to trust these guys (a German Ltd who pay taxes and work for a living) than those who hide behind the fine print on any website´s privacy disclaimer hoping you´ll click on like buttons and targeted ads.

Don´t mind saying I 100% support this concept and Daniel, my brother even tested and likes the eBlocker.

If I had a smart home with connected devices like a smart tv, zigbee lightbulbs, Nest, etc, I would want a network appliance like the eBlocker which could act as a hardware firewall and restrict all the gadgets from going online.

I’m not sure that eBlocker could do that, but something is going to come along and fill that niche.

First of all eBlocker is a small startup founded by privacy nerds and our focus is to provide anonymous web surfing without being profiled with an out of the box solution. No more – no less. The current eBlockerOS version is at 0.8.3 and we have still some features to implement for a beta. We are confident to release a 1.0 beta in February and are happy about every input we get so we can improve and release a great product very soon.

To your questions: 1) The product will work as described and claimed: Providing full anonymity while *surfing* the web. We do not claim to provide tools for criminals to hide their activity while downloading bittorrents or using different protocols/ports than used for web browsing. We felt we are very clear about this in our marketing material and appologize if you got a different impression.

2) A “man-in-the-middle-attack” is per definition a 3rd party intercepting your communication for illegal access. It’s correct that eBlocker sits in between the communication of your browser as much as your router or a firewall does. If you call your router or firewall doing a “man-in-the-middle-attack” then it’s correct to say the same to eBlocker. But eBlocker, as much as your router or firewall, is installed by yourself with the intention of providing you better security. There is no 3rd party involved and there is no illegal access to your data – the opposite is true. But maybe it’s more of a philosophical question how you want to call it.

3) Neither the eBlocker itself nor the update server is logging any data. For debugging purposes the current version of eBlockerOS can log data ONLY if the user enables logging. The update is done manually by the user or automatically in a user selected timeframe. The authentication is done via x.509-certificates and we do not log ANY data as the certificate is the hard proof for the valid update subscription. And to issue the certificates we save the purchase data in a separate database that has no connection to the update / certificate sever.

4) We have NO REMOTE ACCESS to the eBlocker. All communication to the update server is initiated by the eBlocker. Automatic updates include new software as well as all blocking lists. Of course any software update – starting from browser updates, to any app-update to OS updates – can run new code. BUT if we do “malicious” things on the eBlocker and someone finds out – we are immediately out of business. You can be assured that we have taken high measures that neither internally (on purpose) nor externally malicious code gets into the source. Of course it’s all about trust and we are very open to establish this trust by handing out any information that helps.

5) We are even happy to hand out the source code to security specialists under an NDA for inspection once the software is in a stable v1.0. If you feel like checking it, please get in touch with me (cbennefeld at eblocker.com) and you are among the first to see that we are taking the eBlocker security very very seriously.

6) We are aware that some people say Tor is not “safe”, others claim VPNs are not safe. That’s why we are giving the choice to the user on what IP-anonymization service he/she favors. We feel that for the “average user” Tor is a great option to hide the IP from the 1st party website (all 3rd parties get blocked by eBlocker anyway). If Tor is not for you, no problem: Just use eBlocker as a client to your preferred VPN service.

7) I’ve worked 13 years in the tracking industry raising “etracker” – a major German web analytics firm in Europe. I know all the tricks of the trade like canvas and device fingerprinting etc. You can be assured that we have taken my broad knowledge about the tracking industry to fight all the techniques currently on the market. I’m happy to get deep into the details but maybe this forum is not the best place.

8) Last but not least we invite you to test drive our technology and not judge it on a theoretical level. You can download eBlockerOS 8.3.X from our server and install it yourself on a Raspberry or Banana Pi. We’ve elaborated our marketing and press material having the general reader in mind and not going too much into technical details you might be interested in. Just get in touch with me per email and I’m looking forward to our dialog.

Again I’d like to point out that eBlocker is work in progress and we are not finished with the development yet. We listening close to all comments and suggestions so we can improve and make eBlocker the easiest and most comprehensive privacy solution ever.

David, we really appreciate your feedback and would love to have an exchange on facts and on an objective basis rather than on assumptions caused by our marketing material. We have good intentions and love to work with everyone in a constructive way and on eye level. I sincerely hope we can establish this together – just get in touch (cbennefeld @ eblocker.com)

2) You are a third party, though you seem to want users to believe otherwise. If you come between a user and (for instance) their bank’s website, you are intercepting that communication. You are, in addition, making it impossible for a user to verify–even in principle–that the website is offering a valid certificate, or a certificate the user has seen before from that bank. That stuff you said about routers and firewalls is trivially disposed of: routers and firewalls do not generally intercept and inspect the content of HTTPS communications. According to you, your device does. Either you don’t understand the significance of this, or you are attempting to mislead those readers who don’t understand. Which is it?

3) This is an assertion. It’s interesting. It may or may not be true at any point in time, at your discretion.

4) Automatic updates are arbitrary code. They can do whatever you decide they should do. The difference between “arbitrary code” and “update” lies only in the marketing. The “NO REMOTE ACCESS” thing is bafflegab. Of course the communication is initiated by eBlocker–otherwise, you’d have to configure people’s routers to allow port forwarding to access the devices. It sounds good, maybe especially in ALL CAPS, but has no particular meaning or value.

5) No, I have other projects. And I don’t believe your device is, even in principle, a good idea.

6) If you’re blocking all HTML and code from all sites other than the one accessed directly by the user, you’re probably breaking most of the websites your customers are visiting. I suspect that claim is hyperbole on your part. I did not say Tor is “not for me”; I use it more days than not. I said your inclusion of it via this method is both misleading and dangerous for your customers. The VPN issues I raised have not been addressed at all by this reply, which seems to say that the VPN capability of eBlocker has been improved since your earlier comments. Good, I suppose. Though a router capable of setting up a VPN is not actually a rarity. Installing open source firmware on a router is not very difficult, either.

7) I started writing code, and fooling around with cryptography, in 1981. I don’t know all the tricks. Possibly not even most of them. I doubt you do either. Your reply doesn’t strike me as substantive in regard to fingerprinting. Your responses seem, instead, intended to mislead casual readers with an appeal to the authority you want them to grant you. Is that the best you have? In my book, I continually ask people -not- to accept what I say, but check out the facts for themselves. I provide links. Not quite the approach you’re taking here.

8) Not interested. At all. For reasons I’ve given already. It doesn’t matter how well you implement flawed ideas. Though I’ll grant that flawed implementations can cause even worse problems. And anyway, who’s to say that the version you make available via download matches what you install? Or what Easter eggs are installed in either or both? The point: you want people to trust you and your device, though you provide no reason other than spin and misleading statements to justify that trust. It’ll probably work. Congratulations.

I’m not going to do this anymore. Feel free to twist my words again, if you like. Or, you know, drop eBlocker and go do something useful. Instead.

I offered you transparent information to clear up any misunderstandings. You refused.

I offered you to check our source code yourself. You refused.

I offered you to test drive the technology to get your hands on the “real” thing. You refused.

I offered an open dialog to learn what your concerns are and work together. You refused.

Instead of a dialog you keep on bashing a technology you apparently have no clue about and even recommend to drop the venture. Sorry, that is ridiculous.

I tried to take you seriously, but sorry, after all this … I don’t know.

I don’t understand what your motivation is other than bashing on someone. In my cultural circle we listen and engage into a dialog if we have a different opinion. And I am repeating myself: If you want an open technical dialog I’m here to listen and talk. Otherwise I’m focusing my energy to what our customers expect: Building a great privacy product for everyone – but maybe not for you.